Revokereasons (#42)

* Allow use of basic auth only

* Trim all leading 0s when searching by serial number

* change revoke reason to unspecified for everything other than keyCompromise

CHANGELOG.md

@@ -16,4 +16,7 @@
 
 1.1.0  
 -Added support for basic auth (no client certificate)  
--Fixed an issue with cert lookups when the serial number has leading 0s
+-Fixed an issue with cert lookups when the serial number has leading 0s
+
+1.2.0  
+-Change revoke to always pass 'unspecified' as the reason code for any reason other than Key Compromised, and to include the reason in the comment instead.

src/EntrustRestCAProxy/EntrustCAConnector.cs

@@ -534,8 +534,15 @@ public override int Revoke(string caRequestID, string hexSerialNumber, uint revo
 			Dictionary<string, object> connectionInfo = ConfigProvider.CAConnectionData;
 			EntrustClient client = CreateEntrustClient(connectionInfo);
 			string reason = Conversions.RevokeReasonToString(revocationReason);
-			string comment = "Revoked by Entrust Gateway";
+			string comment = $"Revoked by Entrust Gateway for the following reason: {reason}";
 			CAConnectorCertificate cert = GetSingleRecord(caRequestID);
+
+			if (!string.Equals(reason, "keyCompromise"))
+			{
+				// Entrust no longer accepts any reason codes other than keyCompromise and unspecified.
+				reason = "unspecified";
+			}
+
 			if (!(cert.Status == (int)RequestDisposition.ISSUED))
 			{
 				string errorMessage = String.Format("Request {0} was not found in Entrust database or is not in a valid state to perform a revocation", caRequestID);